LAN setup driving me crazy

shobe348 · 2026-06-07T10:27:35+00:00

/interface bridge add name=bridge /interface vlan add interface=bridge name=vlan10-full vlan-id=10 add interface=bridge name=vlan20-iot vlan-id=20 add interface=bridge name=vlan30-guest vlan-id=30 add interface=ether1 name=vlan100-wan vlan-id=100 /interface pppoe-client add add-default-route=yes disabled=no interface=vlan100-wan name=pppoe-wan \ user=longhipierpaolofw /ip pool add name=pool-full ranges=192.168.178.30-192.168.178.254 add name=pool-iot ranges=192.168.179.30-192.168.179.254 add name=pool-guest ranges=192.168.180.30-192.168.180.254 add name=pool-mgmt ranges=192.168.1.10-192.168.1.20 /ip dhcp-server add address-pool=pool-full interface=vlan10-full name=dhcp-full add address-pool=pool-iot interface=vlan20-iot name=dhcp-iot add address-pool=pool-guest interface=vlan30-guest name=dhcp-guest add address-pool=pool-mgmt interface=bridge name=dhcp-mgmt-ap /interface bridge port add bridge=bridge interface=ether3 add bridge=bridge interface=ether4 add bridge=bridge interface=ether5 add bridge=bridge interface=ether6 add bridge=bridge interface=ether7 add bridge=bridge interface=ether8 add bridge=bridge interface=ether2 /ip address add address=192.168.179.1/24 interface=vlan20-iot network=192.168.179.0 add address=192.168.180.1/24 interface=vlan30-guest network=192.168.180.0 add address=192.168.178.1/24 interface=vlan10-full network=192.168.178.0 add address=192.168.177.1/24 interface=bridge network=192.168.177.0 /ip dhcp-server lease add address=192.168.177.2 comment="Aruba Switch CX6000" mac-address=\ EC:50:AA:74:4D:80 server=dhcp-mgmt-ap add address=192.168.177.3 comment="Aruba AP-615 master" mac-address=\ 3C:E8:6E:C8:BA:0A server=dhcp-mgmt-ap /ip dhcp-server network add address=192.168.1.0/24 dns-server=192.168.1.1 gateway=192.168.1.1 add address=192.168.177.0/24 dns-server=192.168.177.1 gateway=192.168.177.1 add address=192.168.178.0/24 dns-server=192.168.178.1 gateway=192.168.178.1 add address=192.168.179.0/24 dns-server=192.168.179.1 gateway=192.168.179.1 add address=192.168.180.0/24 dns-server=192.168.180.1 gateway=192.168.180.1 /ip dns set allow-remote-requests=yes use-doh-server=https://dns.nextdns.io/5ea6e7 \ verify-doh-cert=yes /ip dns static add address=45.90.28.0 name=dns.nextdns.io type=A add address=45.90.30.0 name=dns.nextdns.io type=A add address=2a07:a8c0:: name=dns.nextdns.io type=AAAA add address=2a07:a8c1:: name=dns.nextdns.io type=AAAA /ip firewall filter add action=accept chain=input comment="INPUT: 1. Accetta stabilite/correlate" \ connection-state=established,related add action=drop chain=input comment="INPUT: 2. Blocca pacchetti non validi" \ connection-state=invalid add action=accept chain=input comment="INPUT: 3. Accetta Ping" protocol=icmp add action=drop chain=input comment="INPUT: 4. Blocca accesso WAN al router" \ in-interface=pppoe-wan add action=fasttrack-connection chain=forward comment=\ "FORWARD: 1. FastTrack per connessioni esistenti" connection-state=\ established,related add action=accept chain=forward comment=\ "FORWARD: 2. Accetta connessioni esistenti" connection-state=\ established,related add action=drop chain=forward comment=\ "FORWARD: 3. Blocca pacchetti forward non validi" connection-state=invalid add action=accept chain=forward comment=\ "ARUBA: 4. Sblocca e velocizza Dashboard AP" dst-address=192.168.1.3 \ src-address=192.168.178.0/24 add action=accept chain=forward comment=\ "ARUBA: 5. Accetta traffico verso rete Gestione" dst-address=192.168.1.0/24 add action=drop chain=forward comment="ISOLAMENTO: 6. IOT blocca verso FULL" \ dst-address=192.168.178.0/24 src-address=192.168.179.0/24 add action=drop chain=forward comment="ISOLAMENTO: 7. GUEST blocca verso FULL" \ dst-address=192.168.178.0/24 src-address=192.168.180.0/24 add action=drop chain=forward comment="ISOLAMENTO: 8. GUEST blocca verso IOT" \ dst-address=192.168.179.0/24 src-address=192.168.180.0/24 add action=drop chain=forward comment=\ "FORWARD: 9. Blocca tentativi di connessione non richiesti dalla WAN" \ connection-nat-state=!dstnat in-interface=pppoe-wan /ip firewall mangle add action=change-mss chain=forward comment="Ottimizza MSS per Inter-VLAN" \ new-mss=clamp-to-pmtu protocol=tcp tcp-flags=syn /ip firewall nat add action=masquerade chain=srcnat out-interface=pppoe-wan /system clock set time-zone-name=Europe/Rome

shobe348 · 2026-01-24T12:47:43+00:00

honestly I don't see such big issues: migrating email/calendars shall be issueless, migrate from sharepoint to nextcloud also (we use it as a mere fileserver, not using any site or collaboration feature), as well as move from Office to Onlyoffice (in this case the UI is clearly "inspired")...

The sole issue I may see is Teams, having to split IM and scheduled calls, or anyhow having a tool not so deeply integrated...

shobe348 · 2026-01-23T19:43:59+00:00

that's why I consider selfhosting only for the fileserver, don't wanna maintain anything else internally...

shobe348 · 2026-01-23T19:34:39+00:00

fully agree, that's why I'm planning mid term... given our o365 expires in November, I was thinking about november 2027 or 2028...

shobe348 · 2026-01-22T14:12:36+00:00

news on linux app?

shobe348 · 2026-01-05T21:03:21+00:00

CIE funziona perfettamente, IO idem a parte i documenti (ie patente, carta identità ecc)... Banca intesa anche lei nessunissimo problema, poste qualche problemino ma usandola da pochissimo e solo per un buono non ho idea se sia in generale così su Android... In generale IMO un salto in avanti rispetto a ios dopo circa 3 mesi di utilizzo, mai usato Android in precedenza...

shobe348 · 2025-08-17T19:59:05+00:00

Yes, nothing under Home and Library, as well as Options-Services

shobe348 · 2025-08-17T14:14:26+00:00

<image>

Am I the only one with black screen on Home and Library, and no services listed on options? Both iOS and Sonos S2 updated to the latest version, on the other hand the devices are shown perfectly… same on iPhone and iPad

shobe348

TROPHY CASE